[11.0-stable] eve labelling and assets fix

.github/workflows/assets.yml

@@ -20,8 +20,34 @@ on:  # yamllint disable-line rule:truthy
         type: string
 
 jobs:
+  create_release:
+    runs-on: ubuntu-latest
+    outputs:
+      release_id: ${{ steps.create_release.outputs.release_id }}
+      upload_url: ${{ steps.create_release.outputs.upload_url }}
+    steps:
+      - name: Create GitHub Release
+        id: create_release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        run: |
+          response=$(curl -s -X POST \
+            -H "Authorization: Bearer $GITHUB_TOKEN" \
+            -H "Content-Type: application/json" \
+            -d '{
+              "tag_name": "${{ inputs.tag_ref }}",
+              "name": "${{ inputs.tag_ref }}",
+              "draft": false,
+              "prerelease": true
+            }' https://api.github.com/repos/${{ github.repository }}/releases)
+          release_id=$(echo "$response" | jq -r .id)
+          upload_url=$(echo "$response" | jq -r .upload_url | sed -e "s/{?name,label}//")
+          echo $upload_url
+          echo "release_id=$release_id" >> "$GITHUB_OUTPUT"
+          echo "upload_url=$upload_url" >> "$GITHUB_OUTPUT"
   build:
     runs-on: ubuntu-20.04
+    needs: create_release
     strategy:
       fail-fast: false
       matrix:
@@ -47,8 +73,8 @@ jobs:
           # if the default server is responding -- we can skip apt update
           $APT_INSTALL || { sudo apt update && $APT_INSTALL ; }
           echo "ARCH=${{ matrix.arch }}" >> "$GITHUB_ENV"
-          echo "TAG=$(git describe --always --tags | grep -E '[0-9]*\.[0-9]*\.[0-9]*' || echo snapshot)" >> "$GITHUB_ENV"
-      - name: ensure clean assets dir
+          echo "TAG=$(git describe --always --tags | grep -E '[0-9]+\.[0-9]+\.[0-9]' || echo snapshot)" >> "$GITHUB_ENV"
+      - name: ensure clean assets directory
         run: |
           rm -rf assets && mkdir -p assets
       - name: Pull the EVE release from DockerHUB or build it
@@ -89,147 +115,29 @@ jobs:
           docker create --name eve_sources "$EVE_SOURCES" bash
           docker export --output assets/collected_sources.tar.gz eve_sources
           docker rm eve_sources
-      - name: Create a GitHub release and clean up artifacts
-        id: create-release
-        uses: actions/github-script@v3
-        with:
-          result-encoding: string
-          script: |
-            console.log(context)
-            tag = '${{ inputs.tag_ref }}'
-
-            // first create a release -- it is OK if that fails,
-            // since it means the release is already there
-            try {
-              const raw = (await github.repos.createRelease({
-                owner: context.repo.owner,
-                repo: context.repo.repo,
-                tag_name: tag,
-                name: 'Release ' + tag,
-                prerelease: true,
-              })).data
-              console.log(raw)
-            } catch (e) {}
-
-            // get the release ID
-            const release = (await github.repos.getReleaseByTag({
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              tag: tag,
-            })).data
-
-            // get assets for that ID
-            const assets = (await github.repos.listReleaseAssets({
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              release_id: release.id,
-            })).data
-
-            // remove all assets (since we will be uploading new ones)
-            // note that we only consider assets coming from the same
-            // architecture we're running on -- this is because GH
-            // release assets can only be flat (no folders allowed)
-            if (Array.isArray(assets) && assets.length > 0) {
-              for (const asset of assets) {
-                if (asset.name.startsWith('${{ env.ARCH }}')) {
-                  await github.repos.deleteReleaseAsset({
-                    owner: context.repo.owner,
-                    repo: context.repo.repo,
-                    asset_id: asset.id,
-                  })
-                }
-              }
-            }
-
-            return release.upload_url
-
-      - name: Upload rootfs for the release
-        id: upload-rootfs-asset
-        uses: actions/upload-release-asset@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          upload_url: ${{ steps.create-release.outputs.result }}
-          asset_path: assets/rootfs.img
-          asset_name: ${{ env.ARCH }}.rootfs.img
-          asset_content_type: application/octet-stream
-      - name: Upload kernel for the release
-        id: upload-kernel-asset
-        uses: actions/upload-release-asset@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          upload_url: ${{ steps.create-release.outputs.result }}
-          asset_path: assets/kernel
-          asset_name: ${{ env.ARCH }}.kernel
-          asset_content_type: application/octet-stream
-      - name: Upload installer.img for the release
-        id: upload-installer-asset
-        uses: actions/upload-release-asset@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          upload_url: ${{ steps.create-release.outputs.result }}
-          asset_path: assets/installer.img
-          asset_name: ${{ env.ARCH }}.installer.img
-          asset_content_type: application/octet-stream
-      - name: Upload initrd.img for the release
-        id: upload-initrd-asset
-        uses: actions/upload-release-asset@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          upload_url: ${{ steps.create-release.outputs.result }}
-          asset_path: assets/initrd.img
-          asset_name: ${{ env.ARCH }}.initrd.img
-          asset_content_type: application/octet-stream
-      - name: Upload initrd.bits for the release
-        id: upload-initrd-bits-asset
-        uses: actions/upload-release-asset@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          upload_url: ${{ steps.create-release.outputs.result }}
-          asset_path: assets/initrd.bits
-          asset_name: ${{ env.ARCH }}.initrd.bits
-          asset_content_type: application/octet-stream
-      - name: Upload ipxe.efi for the release
-        id: upload-ipxe-efi-asset
-        uses: actions/upload-release-asset@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          upload_url: ${{ steps.create-release.outputs.result }}
-          asset_path: assets/ipxe.efi
-          asset_name: ${{ env.ARCH }}.ipxe.efi
-          asset_content_type: application/octet-stream
-      - name: Upload ipxe.efi.cfg for the release
-        id: upload-ipxe-efi-cfg-asset
-        uses: actions/upload-release-asset@v1
+      - name: Create SHA256 checksum, rename, and upload files
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          upload_url: ${{ steps.create-release.outputs.result }}
-          asset_path: assets/ipxe.efi.cfg
-          asset_name: ${{ env.ARCH }}.ipxe.efi.cfg
-          asset_content_type: application/octet-stream
-      - name: Upload ipxe.efi.ip.cfg for the release
-        id: upload-ipxe-efi-ip-cfg-asset
-        uses: actions/upload-release-asset@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          upload_url: ${{ steps.create-release.outputs.result }}
-          asset_path: assets/ipxe.efi.ip.cfg
-          asset_name: ${{ env.ARCH }}.ipxe.efi.ip.cfg
-          asset_content_type: application/octet-stream
-      - name: Upload COLLECTED_SOURCES
-        id: upload-collected-sources-asset
-        uses: actions/upload-release-asset@v1
-        env:
-          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
-        with:
-          upload_url: ${{ steps.create-release.outputs.result }}
-          asset_path: assets/collected_sources.tar.gz
-          asset_name: ${{ env.ARCH }}.collected_sources.tar.gz
-          asset_content_type: application/octet-stream
+          RELEASE_ID: ${{ needs.create_release.outputs.release_id }}
+          UPLOAD_URL: ${{ needs.create_release.outputs.upload_url }}
+        run: |
+          # Create SHA256 checksum for rootfs.img
+          sha256sum "assets/rootfs.img" | awk '{ print $1 }' > "assets/rootfs.img.sha256"
+          for file in assets/*; do
+            base_name=$(basename "$file")
+            # Add ARCH prefix
+            new_name="${ARCH}.${base_name}"
+            # Rename the file
+            mv "$file" "assets/$new_name"
+            echo "Uploading assets/$new_name as $new_name..."
+            upload_response=$(curl -s -X POST \
+              -H "Authorization: Bearer $GITHUB_TOKEN" \
+              -H "Content-Type: application/octet-stream" \
+              --data-binary @"assets/$new_name" \
+              "$UPLOAD_URL?name=$new_name")
+            if echo "$upload_response" | jq -e .id > /dev/null; then
+              echo "$file_name uploaded successfully."
+            else
+              echo "Error uploading $file_name: $upload_response"
+            fi
+          done

.github/workflows/publish.yml

@@ -9,6 +9,7 @@ on:  # yamllint disable-line rule:truthy
     tags:
       - "[0-9]+.[0-9]+.[0-9]+"
       - "[0-9]+.[0-9]+.[0-9]+-lts"
+      - "[0-9]+.[0-9]+.[0-9]+-rc[0-9]+"
 
 jobs:
   packages:

Makefile

@@ -87,7 +87,8 @@ endif
 
 REPO_BRANCH=$(shell git rev-parse --abbrev-ref HEAD | tr / _)
 REPO_SHA=$(shell git describe --match '$$^' --abbrev=8 --always --dirty)
-REPO_TAG=$(shell git describe --always --tags | grep -E '[0-9]*\.[0-9]*\.[0-9]*' || echo snapshot)
+# set this variable to the current tag only if we are building from a tag (annotated or not), otherwise set it to "snapshot", which means rootfs version will be constructed differently
+REPO_TAG=$(shell git describe --always --tags | grep -E '^[0-9]+\.[0-9]+\.[0-9]+(-lts|-rc[0-9]+)?$$' || echo snapshot)
 REPO_DIRTY_TAG=$(if $(findstring -dirty,$(REPO_SHA)),-$(shell date -u +"%Y-%m-%d.%H.%M"))
 EVE_TREE_TAG = $(shell git describe --abbrev=8 --always --dirty --tags)
 
@@ -827,20 +828,11 @@ proto-vendor:
 
 .PHONY: proto-api-%
 
-check-patch-%:
-	@if ! echo $* | grep -Eq '^[0-9]+\.[0-9]+$$'; then echo "ERROR: must be on a release branch X.Y"; exit 1; fi
-	@if ! echo $(EVE_TREE_TAG) | grep -Eq '^$*.[0-9]+-'; then echo "ERROR: can't find previous release's tag X.Y.Z"; exit 1; fi
+rc-release:
+	./tools/rc-release.sh
 
-patch-%: check-patch-%
-	@$(eval PATCH_TAG:=$*.$(shell echo $$((`echo $(EVE_TREE_TAG) | sed -e 's#-.*$$##' | cut -f3 -d.` + 1))))
-
-patch-%-stable: patch-%
-	@$(eval PATCH_TAG:=$(PATCH_TAG)-lts)
-
-patch: patch-$(REPO_BRANCH)
-	@git tag -a -m"Release $(PATCH_TAG)" $(PATCH_TAG)
-	@echo "Done tagging $(PATCH_TAG) patch release. Check the branch with git log and then run"
-	@echo "  git push origin $(REPO_BRANCH) $(PATCH_TAG)"
+lts-release:
+	./tools/lts-release.sh
 
 release:
 	@bail() { echo "ERROR: $$@" ; exit 1 ; } ;\
@@ -997,7 +989,12 @@ help:
 	@echo "   test           run EVE tests"
 	@echo "   clean          clean build artifacts in a current directory (doesn't clean Docker)"
 	@echo "   release        prepare branch for a release (VERSION=x.y.z required)"
-	@echo "   patch          make a patch release on a current branch (must be a release branch)"
+	@echo "   rc-release     make a rc release on a current branch (must be a release branch)"
+	@echo "                  If the latest lts tag is 14.4.0 then running make rc-release will"
+	@echo "                  create 14.4.0-rc1 tag and if the latest tag is 14.4.1-lts then"
+	@echo "   lts-release    make a lts release on a current branch (must be a release branch)"
+	@echo "                  If the latest lts tag is 14.4.0-lts then running make lts-release
+	@echo "                  will create a new lts release 14.4.1-lts"
 	@echo "   proto          generates Go and Python source from protobuf API definitions"
 	@echo "   proto-vendor   update vendored API in packages that require it (e.g. pkg/pillar)"
 	@echo "   shell          drop into docker container setup for Go development"

tools/lts-release.sh

@@ -0,0 +1,87 @@
+#!/bin/bash
+
+#
+# Copyright (c) 2024 Zededa, Inc.
+# SPDX-License-Identifier: Apache-2.0
+#
+
+# Get the current branch
+git_branch=$(git rev-parse --abbrev-ref HEAD | tr / _)
+
+# Get the latest tag from the specified branch
+latest_tag=$(git describe --tags --abbrev=0 "$git_branch")
+
+echo "Latest tag: $latest_tag"
+
+# Check if the input is a valid release branch in the format X.Y (e.g., 1.2)
+check_release_branch() {
+    if ! echo "${git_branch}" | grep -Eq "^[0-9]+\.[0-9]+(-[a-zA-Z]+)?$"; then
+        echo "ERROR: must be on a release branch X.Y"
+        exit 1
+    fi
+}
+
+# Validate if the latest tag is a valid release tag (e.g., X.Y.Z or X.Y.Z-<suffix>)
+check_tag() {
+    if ! echo "${latest_tag}" | grep -Eq "^[0-9]+\.[0-9]+\.[0-9]+(-[a-zA-Z0-9]+)?$"; then
+        echo "ERROR: can't find previous release's tag X.Y.Z"
+        exit 1
+    fi
+}
+
+# Function to check if the latest tag is an RC tag
+is_rc_tag() {
+    if echo "${latest_tag}" | grep -Eq "^[0-9]+\.[0-9]+\.[0-9]+-rc[0-9]+$"; then
+        return 0
+    else
+        return 1
+    fi
+}
+
+# Function to increment the patch version
+increment_patch_version() {
+    local version=$1
+    local major minor patch
+    IFS='.' read -r major minor patch <<< "$version"
+    patch=$((patch + 1))
+    echo "$major.$minor.$patch"
+}
+
+# Perform release branch validation
+check_release_branch
+
+# Perform tag validation
+check_tag
+
+# If the latest tag is an RC tag
+if is_rc_tag; then
+    # Extract the base version (remove the -rc suffix)
+    base_version="${latest_tag%-rc*}"
+    new_tag="${base_version}-lts"
+    echo "Creating LTS tag: $new_tag from the commit of $latest_tag"
+    # Create the LTS tag from the commit of the RC release
+    if git tag -a "$new_tag" "$latest_tag" -m "Release $new_tag"; then
+        echo "Tagged new version: $new_tag"
+        echo "Now, push the tag to the remote repository using:"
+        echo "git push origin $git_branch $new_tag"
+    else
+        echo "Error: Failed to create the new LTS tag."
+        exit 1
+    fi
+else
+    # If the latest tag is not an RC tag
+    echo "Latest tag is not an RC tag. Incrementing the patch version."
+    # Increment the patch version
+    new_version=$(increment_patch_version "$latest_tag")
+    new_tag="${new_version}-lts"
+    echo "Creating LTS tag: $new_tag from the latest non-RC tag"
+    # Create the LTS tag from the latest non-RC release
+    if git tag -a "$new_tag" -m "Release $new_tag"; then
+        echo "Tagged new version: $new_tag"
+        echo "Now, push the tag to the remote repository using:"
+        echo "git push origin $git_branch $new_tag"
+    else
+        echo "Error: Failed to create the new LTS tag."
+        exit 1
+    fi
+fi